Skype security flaw leads to hijacked accounts
Almost 30 million people use Skype every day
The VoIP communications-service Skype has had to suspend its password reset function after it was found that a security flaw made it possible to hijack user accounts.
Skype’s developers, Microsoft, have updated the password-resetting capabilities and will fix a flaw that reportedly has made the feature vulnerable to account-takeover attacks that were trivial to carry out. It has been reported that this security flaw was originally exposed on a Russian forum some months ago.
Also liable to hijacking are answerphone messages, old text messages and conversations, as well as sensitive user details.
A Skype spokesman said: "Early this morning we were notified of user concerns surrounding the security of the password reset feature on our website."
The hijacking issue has affected users who are registered to multiple Skype accounts with the same email address. Skype’s spokesman said: “We suspended the password reset feature temporarily this morning as a precaution and have made updates to the password reset process today so that it is now working properly."
Skype is also calling upon a small number of its users who have been affected to assist in the recovery. The spokesperson added: “Skype is committed to providing a safe and secure communications experience to our users and we apologise for the inconvenience."
The latest security flaw follows news last month that the company could distribute malware via its instant message tool.
It proves an embarrassing development for the Microsoft-owned company as they have been attempting to encourage their Windows Live Messengers to make the move to Skype. Microsoft hopes to retire Windows Live Messenger in all countries bar China by March 2013.
"There has been a lot of talk about the reported £30bn cost of the Sochi Games, so we go behind the scenes to find out where all that money has been spent"
- 3D Magnetic field rotation of light [00:40 am 12/03/14]
- What is the advantage and the disadvantage of pilot cable in power system protection? [11:26 pm 11/03/14]
- 125A 220VDC 4POLE CHANGEOVER SWITCH [04:27 pm 11/03/14]
- Radiation Leak at Underground Nuclear Waste Facility in America [07:36 am 11/03/14]
- Repeated Alternator Failure on Power Plant rated 16MVA/ 11,000V using 12x 415V generators [06:53 pm 10/03/14]
The essential source of engineering products and suppliers.
Tune into our latest podcast